Skill v1.0.0

VirusTotal security

OSINT Investigator · External malware reputation and Code Insight signals for this exact artifact hash.

Scanner verdict

Suspicious · Apr 29, 2026, 4:31 AM
Hash: b8ebe9bd7ecdbedc75bc21952693cf30ae88b9a3d78c1ce923affdb5a3dc909b
Source: palm
Verdict: suspicious
Code Insight

Type: OpenClaw Skill
Name: osint-investigator
Version: 1.0.0

The skill is classified as suspicious due to several high-risk capabilities and potential vulnerabilities, despite its stated benign purpose of OSINT. Key indicators include the extensive use of shell commands (`whois`, `dig`, `curl`, `exiftool`) in `SKILL.md` which, if user input is not properly sanitized by the agent, could lead to shell injection and arbitrary command execution.

Additionally, the `scripts/generate_pdf.sh` script attempts to install `fpdf2` using `pip3 install --break-system-packages`, a powerful command that modifies the system Python environment and could be abused if the package name were manipulated.

The skill also stores sensitive API keys and user credentials (including passwords for social media platforms) in `config/osint_config.json`, which, while protected by `chmod 600`, still represents a local data exposure risk.

There is no evidence of intentional malicious behavior, but these capabilities and vulnerabilities pose significant security risks.